Good to Book and https://www.goodtobook.com/ (our ‘website’) are owned and operated by Good to Book Pty Ltd ABN 89 641 326 570 (referred to as ‘we’, ‘us’, ‘our’ or ‘Good to Book’). At Good to Book, we consider your privacy very seriously and are committed to protecting the privacy of your personal data.
This Privacy Policy explains our data practices, as well as the choices available to you regarding use of, access to, or how to update and correct your personal data and other information in connection with your use of our website and our services.
We are not responsible for any other privacy policies or privacy practices of third parties, sponsors, collaboration partners or clients, including YouTube, Facebook or other platforms, including social media or payment platforms.
By using our services, you consent to the policies and practices described in this Privacy Policy. If you disagree with any of the practices described in this Privacy Policy, we will be unable to provide you with any memberships or related services.
We aim for compliance with Australian privacy legislation including the Australian Privacy Principles. If you are an EU resident, we aim for compliance with the GDPR when handling your personal data (see part C). If you are a New Zealand resident, we aim for compliance with the New Zealand Privacy Act 2020 (see part D). Where applicable under California Privacy Legislation, in addition to other sections of this Privacy Policy, please see Part E.
We may update this Privacy Policy from time to time. We reserve the right to amend the Privacy Policy at any time, for any reason, and may do so by publishing a new updated version online. Your continued use of our services, and/or continued provision of your personal data will be subject to the terms of the current Privacy Policy, including any updates. We encourage you to periodically review this page for the latest update on our privacy practices. The last updated date of our Privacy Policy is listed under this policy heading for ease of reference.
What is Personal Data?
Personal data is information that can be used to personally identify you and can consist of a combination of information. Your name, address, social media profile, photograph, video or voice can all be considered personal data, whether the data is used on its own or in combination with other data to identify you.
‘High-risk data’ is information that could be used to steel your identity such as images of driver’s licences, passports and other key identification numbers. We have processes and policies in place to protect high-risk data.
Sensitive personal data is information about you that requires additional protection such as health information, criminal history, ethnicity, religious beliefs, or sexual preferences. We do not actively collect sensitive information about you and request that you do not unintentionally share it with us. We will take steps to appropriately protect any sensitive personal data we do receive.
Staying Anonymous
You can browse this website anonymously. You cannot use our user platform anonymously.
If you identify yourself to us, for example, by submitting your details through our website or contacting us by email or phone, at that point we will collect your personal data. If you subscribe as a member of our platform, we will necessarily collect the personal data about you as we have obligations to ensure our database is only accessed by known persons.
Minors
Our website is not intended to be used by minors and we do not intentionally collect the personal data of persons under the age of eighteen (18) years. If you are the guardian of a minor and suspect they may have provided us with their personal data, please contact us and request to have the minor’s personal data destroyed.
This part of our Privacy Policy (together with part F: General terms) applies to Good to Book members and website users. For EU resident members and users, please additionally see part C. For New Zealand residents, please additionally see part D. For residents of the United States, please see part E.
Collecting your personal data
At all times we try to only collect the information we need to keep you updated about our services and your membership, deliver our services and/or to answer your enquiries.
The kind of information that we collect from you may include your:
Good to Book mainly collects personal data directly from you when you request our services, or interact with us on our website, for example:
Generally, we will store and retain your personal data for a period of five (5) years after the date your most recent membership period was paid up to.
Testimonials
If you provide us with a testimonial, you give us your consent for the use of your name, your business name, image and the date of your testimonial to be displayed on our website, or in our other marketing material, together with the content of the testimonial that you provide.
You agree that we may edit your testimonial (for example to adjust the length) provided that we do not alter the meaning conveyed.
Indirect collection
Other than as disclosed in this policy, we only collect information directly from you, from publicly accessible databases (for example if we verify your ABN or company identifier via a publicly accessible website), or when third parties provide your details to us (for example a referral). This information forms part of the personal data described in this policy.
This assists us in our delivery of our services to you, or help us to update, expand and analyse our records, identify new and existing customers, and provide services that may be of interest to you. We may use Google Workspace or other similar programs, which means that your social media linked profiles and other Google information may be linked to other information we hold about you. Further information on Google’s privacy handling can be found at the link below.
Google - https://support.google.com/googlecloud/answer/6056650
Where you are not an existing customer, member or client and we have collected your information from a third party instead of directly from you, we will obtain your consent before contacting you, if required by the law of the country in which you are located.
Social Networking Services and links to other websites
We may provide links to other websites or use social networking services such as Instagram and Facebook to communicate with the public about our work. These sites have their own privacy policies.
When you communicate with us using these services, we may collect your personal data. We will only use it to help us to communicate with you and the public. The social networking service will also handle your personal data for its own purposes. We encourage you to familiarise yourself with the privacy policies of any service you use. We are not responsible for the privacy policies or privacy practices of any third-party sites.
We draw your attention to some social media privacy policies (links available below) and encourage you to read these before you decide to proceed to interact on our social media pages.
Instagram - https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Facebook - https://www.facebook.com/about/basics/privacy-principles
Automatically Collected Data
As you interact on our website, we may collect information about the device you used to access our site, and visits to one or more other websites (automatically collected data) through cookies, web beacons and other technologies, Internet Protocol address (IP address) tracking/URL tracking, and other tools (collectively, tracking technologies).
The data collected on our website may include types of automatically-collected data using tracking technologies including the search terms you used, new or returning user information, browser information, device type, operating system, internet service provider, website usage, referring/exit pages, platform type, date/time stamp, number of clicks, and ads viewed. Please see the Tracking Technologies section below.
Service Data
Our contract with you governs our relationship with you, so any information we receive about you during this process will only be used for the purposes of performing the services you agreed with us.
Disclosure of your personal data
In general, we use your personal data to provide you with our services, contact you or answer your enquiries. With your permission, we may send you emails about our activities. You may always withdraw your consent and unsubscribe from these emails by clicking on the unsubscribe link or by contacting us using the information set out at the end of this document.
We do not make personal data publicly available. We may give access to identification data we obtain and transaction records to appropriate and competent advisors or authorities for the purpose of obtaining advice or services. Members will be able to see information about other members and their guests inside our platform.
We share your personal data with third parties who provide services to us. We expressly authorise these third parties to process your personal data on our behalf, for the purpose of providing these services to us. We share your personal data with the following service providers:
We may also disclose personal data to third parties in the following circumstances:
Notifiable data breaches
We have processes in place to identify and manage any data breach. This includes notifying the relevant Privacy Commissioner and affected individuals if required under relevant legislation. To ensure we are always able to contact you, please ensure your contact details remain up to date. It is your responsibility to notify us in writing as indicated in the Contact Us section below.
This part of our Privacy Policy (together with part F: General terms) applies to guests who have had their information uploaded to our database after they have stayed at an accommodation operated by one of our members. For EU resident guests, please additionally see part C. For New Zealand residents, please additionally see part D. For residents of the United States, please see part E.
Collecting your personal data
We collect, hold, use and disclose personal data for the purpose of providing our services to our members. We do not otherwise sell or give away access to your personal data. If your personal data has been uploaded to our database, this was done by consent given by you at the time you booked your accommodation. We hold your personal data as a legitimate function of our business and we aim to hold only the minimum personal data required to deliver our services. We have designed our platform to limit the types of information an accommodation provider can upload.
The main way we collect your personal data is when an accommodation provider, property management software provider or online travel agent, who is a member of Good to Book, uploads it to our database or directly from you when you contact us
The type of information we will hold about you is designed for users of our platform to identify you and includes your name, address, photo identification (such as a drivers licence), passport number (where applicable), other names you may be known by, possibly the names of persons travelling with you, security or other footage that identifies you and details of any damage or problems encountered by the accommodation provider during your stay.
Generally, unless otherwise required by law, we will store and retain your personal data on our platform for a period of five (5) years from the date your name and information were last uploaded to our platform. Your personal data will be securely destroyed by us after that time.
Social Networking Services and links to other websites
We may provide links to other websites or use social networking services such as Instagram and Facebook to communicate with the public about our work. These sites have their own privacy policies. If you communicate with us using these services, we may collect your personal data. The social networking service will also handle your personal data for its own purposes. We encourage you to familiarise yourself with the privacy policies of any service you use. We are not responsible for the privacy policies or privacy practices of any third-party sites.
We draw your attention to some social media privacy policies (links available below) and encourage you to read these before you decide to proceed to interact on our social media pages.
Instagram - https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Facebook - https://www.facebook.com/about/basics/privacy-principles
Who can access your personal data?
Other than as disclosed in this Privacy Policy, we do not publish your personal data for general public use. As a function of our business, we make your personal data available on our platform as part of our searchable database for the use of our members.
Registered members of our service such as Short Term Accommodation Providers, Property Management System Providers and Online Travel Agents and their authorised staff will be able to search our database by guest name. If your details have been uploaded to our database, a registered member may read the data and the details of what happened with a previous accommodation provider. They may also contact that accommodation provider if they have any questions. Based on the information in our database, an accommodation provider may refuse you accommodation or impose restrictions on your stay (for example, an increased security bond).
If you stay at an accommodation and the accommodation provider uploads your information to the database, your details may also be sent out as an alert to nearby member accommodation services to let them know that there is a rogue guest in the area. This may impact your ability to find alternative accommodation.
We may also disclose personal data to third parties in the following circumstances:
Notifiable data breaches
We have processes in place to identify and manage any data breach. This includes notifying the relevant Privacy Commissioner and affected individuals if required under relevant legislation. If you are an affected individual, we will contact you using your contact details as shown in our database uploaded by your accommodation provider. This means we may not be able to reach you if your contact details subsequently change.
This additional section of our Privacy Policy applies if you are an individual located in the European Union(“EU”). If you are a resident of the EU and any part of this section C conflicts with another part of our Privacy Policy, the terms of this part C prevail. For these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, where applicable, Switzerland.
We aim for compliance with the General Data Protection Regulations (“GDPR”). We collect and process the minimum amount of information required to deliver our services.
Under the GDPR, we are a data controller when it comes to your personal data. We may process the following categories of personal data about you:
Communication Data that includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
Customer Data that includes data relating to any purchases of our services such as your name, title, billing address, delivery address, email address, phone number, contact details and purchase details. We process this data to supply the services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
Guest data that includes data relating to rogue guests that has been uploaded to our database by a member accommodation provider. We process this data to supply our services to registered members of our platform as a legitimate function of our business. Our lawful ground for this processing is the performance of a contract with our members and our legitimate business interests.
User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back- ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.
Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.
Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. This data is mostly collected from users of our website. We process this data to enable you to partake in our promotions, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our services, to develop them, to grow our business and to decide our marketing strategy.
We may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business).
Data Transfers
Wherever possible, we prioritise partnering with respected third-party providers who choose a higher level of data protection and advise us that they take important steps to protect your personal information. This is even if we are unable to verify that it is compliant with the EU General Data Protection Regulation for the transfer of Personal Data collected from the European Economic Area and Switzerland. For our members based in Australia and New Zealand, all data is stored in Sydney, Australia.
We accept payments using Stripe which allows us to sell our services to you. We do not take custody of or store your card details, although our payment processors may store that information on our behalf.
Financial information you provide to a third-party site will be managed according to their own privacy policy. We will share your personal data with our payment service providers only to the extent necessary to process your payments or deal with refunds, disputes or complaints in relation to your payments.
We use automated email functions via third party provider MailerLite. You may opt out of receiving emails via the unsubscribe function contained within the footer of the emails.
Privacy policies for our providers can be found here:
Stripe - https://stripe.com/privacy-center/legal
MailerLite.com - https://www.mailerlite.com/legal/privacy-policy
Inapplicability of Privacy Policies of Any Linked Websites or Other Third Parties
This Privacy Policy only addresses our use and disclosure of your personal data. We encourage you to be aware that when you go to another website you should carefully read their privacy policy.
We are responsible for the processing of personal data received from you, under each Privacy Shield Framework, and subsequently transferred to a third-party acting as an agent on our behalf. Good to Book complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
Good to Book is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have unresolved privacy or data use concerns that we have not addressed satisfactorily, please contact the U.K.-based third-party dispute resolution provider (free of charge) at https://www.financial-ombudsman.org.uk/ . Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to binding arbitration when other dispute resolution procedures have been exhausted.
Legitimate Interest
Legitimate interests refer to the way we conduct and manage our interests. For example, we have a legitimate interest in processing your personal data to analyse how our websites and our products and services are being used by you, and to ensure network and information security, as described in this Privacy Policy.
When we process your personal data for our legitimate interests, we make sure to consider and balance any potential impact on you, and your rights under data protection laws. Our legitimate interests do not automatically override your interests. We will consider the impact of our interests upon your interests and your consent regarding your personal data. You have the right to object, in writing, to processing your data that is based on our legitimate interests. For more information on your rights, please see Your Rights section below.
Our Security Measures to Protect Your Personal Data
We are committed to taking reasonable efforts to secure your personal data information. We use a variety of security and procedures to help protect against unauthorised access of personal data. We restrict access to personal data at Good to Book and use two-step authentication security processes, wherever possible. We will treat your personal data with the greatest respect.
We cannot guarantee or warrant the security of any information you transmit to us, or to or from our online products or services. We take no responsibility or liability for the security of information transmitted via the internet. If you have questions about this Privacy Policy or the security of your personal data, please contact us using the Contact Us section found below.
If you are a guest, unless otherwise required by law, we will securely destroy your personal data five (5) years after the last time your personal data has been uploaded to our platform by a member of our services.
If you are a member of our platform, we will securely destroy your personal data when it is no longer required for our business purposes. We anticipate this will occur five (5) years after you cease to be a member of our platform however this period may always change for compliance purposes with any relevant law of our jurisdiction.
We may share your personal data when required to do so by law or with our professional advisers to obtain advice, for instance if there is a breach of the terms and conditions, or to meet our accounting or compliance obligations. We use your personal data in this manner as a requirement for the legitimate functioning of our business.
Your Rights
Subject to applicable law, you have the following rights in relation to your personal data:
If we have shared your personal data with another third party, and you contact us under one of your rights identified above, wherever possible we will contact them to amend it and let you know.
You may exercise your rights by contacting us in writing using the Contact Us section below.
Please allow for a period of thirty (30) days for us to look into your request and get back to you.
We will action your request as soon as practically possible however such a request will not take effect immediately and your data may still be used in the meantime.
You may request that all personal data we have collected about you be deleted from our records and erased from information stored by any third party organisations processing data on our behalf (known as the right to be forgotten).
If you make a request to be forgotten:
If data we have collected about you is processed using automated means, you have the right to receive that data in a structured, machine-readable format and to transmit it to another data controller without hindrance.
We will carefully review privacy rights requests and let you know the outcome of our decision. We will require sufficient identification from you to confirm your identity. There are circumstances where it is lawful for us to not action your request, we will let you know if this applies. Our full details are at the end of this policy.
Embedded content from other websites
Articles on our website may contain embedded content from other websites, like YouTube. For example, videos or images within an article or even whole articles. The embedded data behaves as though you have actually visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking and monitor your interaction with the embedded content, including tracking your interaction with the embedded content if you have an account or are logged in to the other website.
This additional section of our privacy policy relates to residents of New Zealand. If you are a resident of New Zealand and any part of this section D conflicts with another part of our privacy policy, the terms of this part D prevail.
Cross border transfer of data
We may store personal data collected within New Zealand in services located outside of New Zealand. This means your personal data may be stored in another country. We aim to only use reputable service providers who store and use client data to a standard as high as the requirements of the New Zealand Privacy Act 2020. Additionally, when you signed up with us as member or provided your personal data to a member accommodation provider as a guest, you gave us your consent for your personal data to cross borders in this manner.
Data rights
You have the right to find out what personal data we hold about you, to request correction of your personal data and to request the deletion of any personal data collected by us. Note that some of the rights listed in this section will not apply to data we are using about you within our database for our legitimate business purposes. As a guest whose information has been given to us for our business purposes, you have more limited rights.
Please forward any personal data requests to us using the details provided in the Contact Us section below. Note that there are circumstances where we are not required to delete or amend your data, even if you request that we do so. We will let you know if this applies. We may ask for proof of identification prior to releasing any information.
If you are not satisfied with our response to any privacy-related concern you may have, you can contact the New Zealand Privacy Commissioner: Office of the Privacy Commissioner email: enquires@privacy.org.nz.
This section provides additional details about the rights of Californian consumers under the California Consumer Privacy Act (CCPA).
Your CCPA Rights and Choices
As a Californian consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your personal data.
You may request, up to twice in a twelve (12) month period, the following information about the personal data we have collected about you during the past twelve (12) months:
You may request in writing that we delete the personal information we have collected from you, subject to certain limitations under applicable law.
We do not use, share, rent or sell your personal data for interest-based advertising, except for the services you have engaged us to do. Our website and services do not respond to Do Not Track requests.
The CCPA provides that you may not be discriminated against for exercising these rights.
Tracking Technologies
Together with our partners, we may use cookies and other technologies to analyse trends, administer the website, track your movements around the websites, to gather demographic information about our user base and to collect information about your browsing habits in order to make advertising relevant to you and your interests, as described below.
When you first visit our website, you will be asked to consent to the use of cookies and similar technologies in accordance with our Privacy Policy, and if you accept, we will store cookies and similar technologies on your device.
What Are Cookies
Cookies are pieces of data sent to your browser when you visit a website stored on your device or computer’s hard drive. Cookies may store user preferences and other information. For example, cookies can store your session information for easy login to a website, or your language or user interface customisation preferences or may allow websites to record your browsing activities (for example, number of page views, number of visitors, and time spent on each page).
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for a set period of time or until you delete it.
How We Use Cookies
We classify cookies in the following categories:
These cookies make it possible to link the actions of a user during a browser session to navigate around web pages, access secure areas of our website and help make the services available through our website and software functionality. Without these cookies, some basic functions of our website would not work.
For example, a session cookie is used to track a visitor’s identity during a particular session, and another cookie contains credentials to authenticate a user).
We use session cookies for authentication and authorisation purposes and to track a visitor’s identity during a particular session. Because these cookies are strictly necessary to deliver our services, users cannot refuse them.
You can block or delete these cookies by changing your browser settings.
Preferences
These cookies are used to store choices you make and your preferences regarding our services (such as your username, language or the region you are in, to enable user interface customisation). These allow us to provide enhanced, more personal features (such as enabling customer support for users, for example offering live support chat). These are not essential for using our services. However, without these cookies, certain functions may not work properly. For example, our website uses cookies to manage the display of items or content.
Our user interface customisation cookies are used to store clients’ preferences, such as grid preferences (columns, sort order, etc.) or to enable certain functions. You can block or delete these cookies by changing your browser settings.
Analytics
These cookies allow us to recognise you and count the number of times you visit and how you move around the website when using it. This helps us to improve the way our website works and makes sure you can find what you need more easily.
We may use cookies from our website, Google Analytics, Google Ads, Facebook Ads, YouTube Ads and other third party providers. The information collected by Google (including your IP address) will be transmitted and stored on servers in the United States of America. Google will use this information to evaluate your use of our website, compile reports on our website activity and provide further services to us relating to our website’s usage. Learn more about Google Analytics’ privacy practices, and see a copy of Google’s privacy policy, at the following link: https://support.google.com/analytics/answer/6004245?hl=en&ref_topic=2919631.
We may use Analytics cookies on our website to analyse and evaluate the use of our sites and improve our services and features. If a user is logged in to our website, https://sewandtell.com.au/ the application also sets additional authentication cookies.
You can also prevent your data from being collected by Google Analytics on the Websites by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
You may enable various integrations which, in turn, may set additional cookies. These cookies are set and controlled by you, for website usage tracking, analytics and enabling social media features. Sew & Tell Australia does not control the placement of those cookies. Use of those cookies is governed by your own privacy and cookie policies.
Other Technologies
We may use a tracking technique with embedded URLs to allow use of our website without cookies. Embedded URLs allow limited information to follow you but are not associated with personal data.
We collect information about your IP addresses and your user interaction behaviours of our website, to help us improve our website to better suit your needs. We may use information about your IP address to help diagnose problems with our server, administer our website, analyse any trends, track visitor movements, and gather information that assists us in identifying your personal preferences, as well as other visitor preferences. We also may use your IP address to enhance our security and investigate an actual or potential security incident.
We use embedded pixel technologies (or pixel tags) for the purposes of identifying unique user visits (as opposed to aggregate hits) and for advertising purposes. In addition, embedded pixels or other technologies may be used in emails and our online display advertising to provide information on when the email or advertisement was opened, to track marketing campaign responsiveness.
We may use widgets, which are interactive mini programs that run on our site to provide specific services from another company (e.g. links to bookmarked sites), along with buttons or other tools that link to other companies' services (e.g. a Like button). The widget, button or tool may collect and automatically send personal data, such as your email address, or other information to a third party. Cookies may also be set or used by the widgets, buttons or tools to enable them to function properly or for advertising. Information collected or used by a widget, button or tool, including cookie settings and preferences, is governed by the privacy policy of the company that created it.
We may also compile, anonymise and/or aggregate your personal data and other information we collect about you, as described in this Privacy Policy. We may also use such anonymised and/or aggregated data for our business purposes. This includes disclosing this important data to our partners, service providers, advertisers and/or other third parties for marketing, content-building or promotional purposes. This aggregate information does not identify you and we may keep this information indefinitely.
Your Choices
On most web browsers, you will find a help section on the toolbar which provides a link to information about how to turn off browser cookies. Please note that if you reject cookies or disable cookies, your use of certain functions on our website may be limited.
To find out more about cookies and similar technologies, including how to see what cookies and similar technologies have been set and how to manage and delete them, visit www.allaboutcookies.org and/or or the Network Advertising Initiative’s online resources, at http://www.networkadvertising.org and follow the opt-out instructions there.
If you access our website on your mobile device, you may not be able to control the settings for tracking technologies. If you wish to not have your information used for the purpose of serving you targeted advertisements, you may opt-out by visiting the Network Advertising Initiative’s online resources available here https://optout.networkadvertising.org/?c=1 and following the opt-out instructions there, or if located in the European Union, visit the European Interactive Digital Advertising Alliance’s Your Online Choices opt-out tools https://www.youronlinechoices.com/. By opting out of targeted advertisements, you will no longer see advertisements on our website from third-party partners that participate in the Digital Advertising Alliance. However, you may still continue to see other non-targeted advertisements on our websites.
Security and Storage of your personal data
While no system is 100% impenetrable and we cannot guarantee the safety of the information you store with us, we use industry standard or higher measures to securely store the information we hold. All information collected by us is stored on a secure cloud server based in Sydney, Australia. All communication between users and our platform are secured by end-to-end encryption using HTTPS protocol Secure Sockets Layer (SSL).
Additionally, we add encryption to forms (to ensure important information is inaccessible without security access), use server and application level firewalls, port control, IP blacklisting and regular backups and security breach monitoring.
We have limitations in place for the category of people who can use the database at operator level and who can access the database within our organisation.
We store your information in the cloud and use third party providers, such as Stripe, Mailerlite, Memberpress and Google Cloud Platform (GCP). We designate Australia as the country for storage of our data and your data may be stored outside your country. We keep your information safe by storing it in accordance with this Privacy Policy. We only grant permission of access to limited staff and our relevant third party providers. We do not sell your personal information.
The applicable data privacy and data protection laws for us may offer less protection than the laws in your country. By using our services, the website, or sending us your personal data, you agree to the transfer of your personal data as described in this Privacy Policy. If you do not agree to such cross-border transfers of your personal data, please do not submit it through our website.
We aim to only work with respected third-party providers who promote their intention to protect personal information and will provide a reasonable level of data protection, even if we are unable to verify that it is compliant with the EU General Data Protection Regulation for the transfer of Personal Data collected in the European Economic Area and Switzerland.
We use interfaces with social media websites or platforms that are owned and/or controlled by third parties, such as YouTube, Facebook, Instagram, LinkedIn, X and others (Social Media Sites). If you are a member and choose to “like” or share information through any social media sites, the interfaces on our website may allow the social media site to connect your website visit to your personal data. Any information you share with the social media sites will be governed by the specific privacy policies and terms of service of the social media sites and not by this Privacy Policy. Before you interact with our pages on a social media site, you should review and agree to the privacy policies of that social media site.
If you are an EU Data Subject, please see the EU Data Subject section above for information on your rights in relation to the Personal Data we hold about you.
Due to the online nature of our operations and the members we have from diverse locations, it is likely personal data stored by us will cross international borders. We aim to use reputable third party providers for services including cloud storage, CRM and payments.
How You Can Access and Change Information
We acknowledge that you have the right to access your personal data and we will allow you to access, correct, amend, or delete any inaccurate data. If you make a request to us in writing to remove any data we may hold about you, we will respond within a reasonable timeframe. You cannot request that your data be identified or extracted from anonymised and/or aggregated data. We cannot remove you at a later date.
Upon request, we will advise you if we hold any of your personal data. You may access, update or correct your personal data or remove it from our system by contacting us in writing as indicated under the Contact Us section below. Requests typically receive a response within thirty (30) days. If access cannot be provided within that time frame, we will provide you with an alternative estimated date. If we deny access, we will explain our reasons to you at the time. If you are listed as a rogue guest on our database and believe this is incorrect, the onus is on you to show why we should remove your details. You may email us at the email address listed in the Contact Us section below setting out your reasons and we will consider your information. Decisions about removal or amendment of data remain with us however as the data we hold is used as a legitimate business purpose of ours.
You will need to provide proof of your identity to exercise these rights and we will also store a copy of your proof of identity with our stored information.
Conditions of Use
By using our services, you agree to the terms and conditions contained in this Privacy Policy and other terms and conditions published by us through this website or provided directly to you. If you do not agree to any of these terms and conditions, you should not use our services. You agree that any dispute over privacy or the terms contained in this Privacy Policy and terms will be governed by the laws of Australia. You also agree to arbitrate any such dispute in Queensland, Australia, and to accept any limitation on damages contained in any agreement we may have with you.
Problems?
If you have any concerns about our use of your personal data, please write to us using the Contact Us section below and let us know what the problem is. We will generally respond to your concerns within thirty (30) days.
If you are not happy with how we manage your concerns, you can contact the Australian Privacy Commission, available at http://www.oaic.gov.au (if you are within Australia, or alternatively, the relevant privacy commission in your jurisdiction).
Contact Us
If you have any questions about this Privacy Policy or our treatment of the information you provide us, please contact us at:
Good to Book Pty Ltd ABN 89 641 326 570
Email: admin@goodtobook.com
